Privacy Notice

Mastercard International Incorporated ("Mastercard") respects your privacy. This Mastercard Donation Service website (the "Site") is a program ("Program") offered by Mastercard International Incorporated ("Mastercard") and is hosted by Goodworld Incorporated. Mastercard is the entity responsible for the processing of your personal data in the context of this Program, which provides the channel to donate to selected charities and causes identified on this website (the "Site"). This Privacy Notice describes the types of personal data we collect in connection with the Program, the purposes for which we collect such personal data and with whom we may share it. This Privacy Notice also describes the measures we take to protect the security of the personal data. We also tell you how you can reach us to update your contact information or get answers to questions you may have about our privacy practices.

This Privacy Notice applies to this website (the "Site") in connection with your participation in Program and it does not cover the collection and use of your personal data on any other Mastercard branded websites or by your Mastercard issuers (e.g. your bank) or any other information or communications that may refer to Mastercard outside Program (e.g. communications from banks).

Your visit to the Site is subject to this Privacy Notice and the Terms of Use. Children and minors (under the age of 18) are not eligible to use the Program. For more information about Mastercard's privacy practices outside the scope of the Program, please visit our Global Privacy Notice.

Click on one of the links below to jump to the listed section:

1. Information We Collect About You
2. How We Use the Information We Collect
3. Information We Share
4. Transfer of Personal Data
5. How We Protect Personal Data
6. Your Rights and Choices
7. Links to Other Websites
8. Updates to this Privacy Notice
9. How to Contact Us

1. Information We Collect About You

We may collect personal data we receive directly from you through the Site, upon registration and via your subsequent interactions with us in connection with the Program. In connection with your participation in the Program and use of the Site, we ask for certain personal data such as your:

• E-mail Address
• First Name
• Last Name
• Password
• Payment Card Information

We also collect information about your transactions while participating in the Program, such as in the course of processing transactions in respect of the donations you make via the Site.

If you do not provide us with your personal data when requested, this may mean we are not able to register you for, or properly administer your participation in the Program, and you may not be able to make donations to the Program. We may also not be able to respond to your inquiries or requests for assistance in connection with the Program if you do not provide us with relevant personal data.

We also use cookies or similar technologies on this Site. Cookies are pieces of information that a website transfers to your computer's hard disk for record keeping purposes and are a necessary part of facilitating online transactions. Most web browsers are set to accept cookies. Cookies are useful to estimate our number of visitors and determine overall traffic patterns through the website. If you do not wish to receive any cookies you may set your browser to refuse cookies. This may mean you will not be able to take full advantage of the services on the Site.

Because there is not yet a consensus on how companies should respond to web browser-based do-not-track ("DNT") mechanisms, Mastercard does not respond to web browser-based DNT signals at this time. To learn more about browser tracking signals and DNT, visit http://www.allaboutdnt.com.

2. How We Use the Information We Collect

We may use the information we obtain about you to:

• Create and manage your online account, identify your eligible transactions, calculate the donation amount and respond to your inquiries;
• Communicate with you regarding the Program and future donation campaigns;
• Validate your payment card information;
• Protect against and prevent fraud, unauthorized transactions, claims and other liabilities, and manage risk exposure and franchise quality;
• Operate, evaluate and improve our business (including developing new products and services; analyzing our products, services and websites; facilitating the functionality of our websites; and performing accounting, auditing, billing, reconciliation and collection activities);
• Monitor the use of and improve our interactive assets;
• As authorized by law and to comply with applicable legal requirements and industry standards and our policies;
• Enforce our Terms of Use;
• Perform auditing, research and analysis in order to maintain, protect and improve our services; and
• Protect against and prevent fraud, unauthorized transactions, claims and other liabilities.

We may also use the information in other ways for which we provide specific notice at the time of collection.

We will not subject you to a decision based solely on automated processing that produces legal effects concerning you or similarly significantly affects you, unless you explicitly consented to the processing, the processing is necessary for entering into, or performance of a contract between you and Mastercard, or when we are legally required to use your personal data in this way, for example to prevent fraud.

3. Information We Share

We do not disclose personal data we collect about you, except as described herein or otherwise disclosed to you at the time of the data collection. We do not sell personal data we collect about you, as defined by the California Consumer Privacy Act.

• We share information to operate the Program and this Site with our affiliates.
• We share information regarding your donation to the charity organization associated with the Program which you select to receive your donations ("Donation Recipients"). The information we share with Donation Recipients includes: your name, your registered email address, your country, and details of your donation. Donation Recipients may use this information to contact you to thank you for your donation and provide you with information regarding their activities (including the use the Donation Recipient proposes to make, or has made, of your donation) and any tax receipts or certificates which may be required in connection with your donation.
• We share information to perform payment card transactions and to perform the services that you request. We may share the personal information we collect with our headquarters, affiliates, financial institutions that issue payment cards or process payment card transactions, entities that assist with payment card fraud prevention, and merchants. For example, in this context we provide financial institutions with information about their cardholders' transactions that Mastercard processes.
• We also share information with acquirers who process donations made to the Program. The information we share with Acquirers includes: your country, your credit card details and details of your donation. Acquirers use this information to process transactions in respect of your donations made via the Program website.
• We also may share the information with our service providers who perform services on our behalf. We do not authorize these service providers to use or disclose the information except as necessary to perform certain services on our behalf or comply with legal requirements. We require these service providers by contract to appropriately safeguard the privacy and security of personal data they process on our behalf.
• We may disclose information about you as required under applicable law or legal process, or when we believe disclosure is necessary to protect individuals' vital interests, to enforce our Terms of Use, prevent Mastercard against harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity.
• We also reserve the right to transfer personal data we have about you in the event we sell or transfer all or a portion of our business or assets. Should such a sale or transfer occur, we will use reasonable efforts to direct the transferee to use personal data you have provided to us in a manner that is consistent with this Privacy Notice. Following such a sale or transfer, you may contact the entity to which we transferred your personal data with any inquiries concerning the processing of that information.

4. Transfer of Personal Data

Mastercard may transfer personal data to recipients outside of your country. The transfer of personal data outside your country may be subject to restrictions, and Mastercard will take all necessary steps to ensure compliance with applicable data protection law, in particular, the legal requirements on adequate protection for data transfers to countries outside your country. Please note however that the countries which Mastercard transfers the personal data to may not have the same data protection laws as the country in which you initially provided the information, and you may not have access to mechanisms to protect the data under the data protection law in that country.

5. How We Protect Personal Data

The security of your personal data is important to Mastercard. We are committed to protecting the information we collect. We maintain reasonable administrative, technical and physical safeguards designed to protect the personal data you provide or we collect against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. We use SSL encryption on a number of our websites from which we transfer certain personal data.

We also take measures to delete your personal data or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period. When determining the retention period, we take into account various criteria, such as the type of products and services requested by or provided to you, the nature and length of our relationship with you, possible re-enrolment with our products or services, the impact on the services we provide to you if we delete some information from or about you, mandatory retention periods provided by law and the statute of limitations.

6. Your Rights and Choices

You have certain rights regarding the personal data we maintain about you and certain choices about what personal data we collect from you, how we use it, and how we communicate with you. We have developed Mastercard's "My Data Center" portal to facilitate the exercise of your rights to the extent permitted by law. You may also submit a request as described in the "How to Contact Us" section below.

If you are located in California, we will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights, except where the different price or level of good or service is reasonably related to the value of the data that we receive from you. In some instances, we may not be able to provide you with the good or service that you request if you choose to exercise certain rights.

You can also choose:

• Not to provide personal data to Mastercard by refraining from conducting payment transactions or from submitting personal data directly to us. If you do not provide personal data, you may not be able to benefit from the full range of the services, and we may not be able to provide you with our services if that information is necessary to provide you with them, or if we are legally required to collect it in relation to the provision of such product or service.
• To opt out of the collection and use of certain information, which we collect about you by automated means, when you visit this Site. In certain jurisdictions, you can exercise your choice regarding the use of cookies and similar technologies via the Cookie Consent tool displayed in the bottom right corner of this Site. Your browser may tell you how to be notified of and opt out of having certain types of cookies placed on your device. Note that without certain cookies you may not be able to use all of the features of our websites, apps or online services.
• To opt out of certain uses of information, which we collect about you by automated means, when you visit third-party websites and interact with our ads. We may use service providers to serve ads on those third-party websites. These ads may be customized and served based on the use of data we and our partners have collected on our websites and apps. In addition, some of our service providers and partners may collect information about your online activities over time and across third-party websites to customize and serve these ads. Mastercard ads are sometimes delivered with icons that help consumers (i) learn more about how their data is being used and (ii) exercise choices they may have regarding the use of their data. Please click here or, where applicable, on the icon in our targeted ads to learn about your ability to opt out or limit the use of your browsing behavior for advertising purposes.
• To tell us not to send you marketing emails by clicking on the unsubscribe link within the marketing emails you receive from us or by contacting us as indicated below.

Depending on the jurisdiction in which you are located, you may have the right to:

• Request access to and receive information about the personal data we maintain about you, to update and correct inaccuracies in your personal data, to restrict or to object to the processing of your personal data, to have the information anonymized or deleted, as appropriate, or to exercise your right to data portability to easily transfer your personal data to another company. In addition, you may also have the right to lodge a complaint with a supervisory authority, including in your country of residence, place of work or where an incident took place.
• Withdraw any consent you previously provided to us regarding the processing of your personal data, at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before your consent withdrawal.

Those rights may be limited in some circumstances by local law requirements.

To update your preferences, ask us to remove your information from our mailing lists or submit a request to exercise your rights under applicable law, contact us as specified in the "How To Contact Us" section below.

If we fall short of your expectations in processing your personal data or you wish to make a complaint about our privacy practices, please tell us because it gives us an opportunity to fix the problem. To assist us in responding to your request, please give full details of the issue. We attempt to review and respond to all complaints within a reasonable time and as required under applicable law.

We attempt to review and respond to all complaints within a reasonable time and as required under applicable law.

7. Links to Other Websites

Our Site may provide links to other websites for your convenience and information. These websites may operate independently from Mastercard. Linked websites may have their own privacy notices or policies, which we strongly suggest you review if you visit any linked websites. To the extent any linked websites you visit are not owned or operated by Mastercard, we are not responsible for the websites' content, any use of the websites, or the privacy practices of the websites.

8. Updates to this Privacy Notice

This Privacy Notice may be updated periodically to reflect changes in our personal data practices. We will post a notice on this Site to notify you of any significant changes to our Privacy Notice and indicate at the top of the notice when it was most recently updated.

9. How to Contact Us

If you would like to update the information we have about you or your preferences, you may do so by accessing the data you have already entered on the Site and modifying it directly. If you have any questions, comments or complaints about this Privacy Notice, or about our handling of your personal data, you can contact us by e-mail: privacyanddataprotection@mastercard.com or by writing to:

Global Privacy Officer

Mastercard International Incorporated

2000 Purchase Street

Purchase, New York 10577

USA